Enable Wbounded by default. Passing bound bigger than the buffer

size almost always has security implications.  I think this quote
from Theo summarizes the situation best:

Which is why it is important to have at least one unforgiving
platform in the ecosystem which properly labels shit shit.

That's OpenBSD.  If anyone can't handle that, they can go to platforms
which hide the reality.

diff --git a/gnu/gcc/gcc/c.opt b/gnu/gcc/gcc/c.opt
index 7d1bd41..a0f3718 100644 (file)
--- a/gnu/gcc/gcc/c.opt
+++ b/gnu/gcc/gcc/c.opt
@@ -133,7 +133,7 @@ C ObjC Var(warn_bad_function_cast)
 Warn about casting functions to incompatible types
 
 Wbounded
-C ObjC C++ Var(warn_bounded)
+C ObjC C++ Var(warn_bounded) Init(1)
 Warn about basic buffer size problems
 
 Wc++-compat

diff --git a/gnu/usr.bin/gcc/gcc/c-common.c b/gnu/usr.bin/gcc/gcc/c-common.c
index f850942..8abe97e 100644 (file)
--- a/gnu/usr.bin/gcc/gcc/c-common.c
+++ b/gnu/usr.bin/gcc/gcc/c-common.c
@@ -335,7 +335,7 @@ int warn_format_security;
 
 /* Warn about buffer size mismatches.  */
 
-int warn_bounded;
+int warn_bounded = 1;
 
 /* C/ObjC language option variables.  */